1 files changed, 9 insertions, 9 deletions
diff --git a/src/lib/libssl/ssl_packet.c b/src/lib/libssl/ssl_packet.c
index 9ffc27e9a7..d5d5996735 100644
--- a/src/lib/libssl/ssl_packet.c
+++ b/src/lib/libssl/ssl_packet.c
@@ -106,11 +106,11 @@ ssl_convert_sslv2_client_hello(SSL *s)
                return -1;
        if (record_length < 9) {
-                SSLerror(SSL_R_RECORD_LENGTH_MISMATCH);
+                SSLerror(s, SSL_R_RECORD_LENGTH_MISMATCH);
                return -1;
        }
        if (record_length > 4096) {
-                SSLerror(SSL_R_RECORD_TOO_LARGE);
+                SSLerror(s, SSL_R_RECORD_TOO_LARGE);
                return -1;
        }
@@ -149,7 +149,7 @@ ssl_convert_sslv2_client_hello(SSL *s)
        if (!CBS_get_bytes(&cbs, &challenge, challenge_length))
                return -1;
        if (CBS_len(&cbs) != 0) {
-                SSLerror(SSL_R_RECORD_LENGTH_MISMATCH);
+                SSLerror(s, SSL_R_RECORD_LENGTH_MISMATCH);
                return -1;
        }
@@ -234,14 +234,14 @@ ssl_server_legacy_first_packet(SSL *s)
        if (ssl_is_sslv2_client_hello(&header) == 1) {
                /* Only permit SSLv2 client hellos if TLSv1.0 is enabled. */
                if (ssl_enabled_version_range(s, &min_version, NULL) != 1) {
-                        SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE);
+                        SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
                        return -1;
                }
                if (min_version > TLS1_VERSION)
                        return 1;
                if (ssl_convert_sslv2_client_hello(s) != 1) {
-                        SSLerror(SSL_R_BAD_PACKET_LENGTH);
+                        SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
                        return -1;
                }
@@ -250,7 +250,7 @@ ssl_server_legacy_first_packet(SSL *s)
        /* Ensure that we have SSL3_RT_HEADER_LENGTH (5 bytes) of the packet. */
        if (CBS_len(&header) != SSL3_RT_HEADER_LENGTH) {
-                SSLerror(ERR_R_INTERNAL_ERROR);
+                SSLerror(s, ERR_R_INTERNAL_ERROR);
                return -1;
        }
        data = (const char *)CBS_data(&header);
@@ -260,15 +260,15 @@ ssl_server_legacy_first_packet(SSL *s)
            strncmp("POST ", data, 5) == 0 ||
            strncmp("HEAD ", data, 5) == 0 ||
            strncmp("PUT ", data, 4) == 0) {
-                SSLerror(SSL_R_HTTP_REQUEST);
+                SSLerror(s, SSL_R_HTTP_REQUEST);
                return -1;
        }
        if (strncmp("CONNE", data, 5) == 0) {
-                SSLerror(SSL_R_HTTPS_PROXY_REQUEST);
+                SSLerror(s, SSL_R_HTTPS_PROXY_REQUEST);
                return -1;
        }
-        SSLerror(SSL_R_UNKNOWN_PROTOCOL);
+        SSLerror(s, SSL_R_UNKNOWN_PROTOCOL);
        return -1;
 }

diff --git a/src/lib/libssl/ssl_packet.c b/src/lib/libssl/ssl_packet.c index 9ffc27e9a7..d5d5996735 100644 --- a/src/lib/libssl/ssl_packet.c +++ b/src/lib/libssl/ssl_packet.c
@@ -106,11 +106,11 @@ ssl_convert_sslv2_client_hello(SSL *s)
106	return -1;	106	return -1;
107		107
108	if (record_length < 9) {	108	if (record_length < 9) {
109	SSLerror(SSL_R_RECORD_LENGTH_MISMATCH);	109	SSLerror(s, SSL_R_RECORD_LENGTH_MISMATCH);
110	return -1;	110	return -1;
111	}	111	}
112	if (record_length > 4096) {	112	if (record_length > 4096) {
113	SSLerror(SSL_R_RECORD_TOO_LARGE);	113	SSLerror(s, SSL_R_RECORD_TOO_LARGE);
114	return -1;	114	return -1;
115	}	115	}
116		116
@@ -149,7 +149,7 @@ ssl_convert_sslv2_client_hello(SSL *s)
149	if (!CBS_get_bytes(&cbs, &challenge, challenge_length))	149	if (!CBS_get_bytes(&cbs, &challenge, challenge_length))
150	return -1;	150	return -1;
151	if (CBS_len(&cbs) != 0) {	151	if (CBS_len(&cbs) != 0) {
152	SSLerror(SSL_R_RECORD_LENGTH_MISMATCH);	152	SSLerror(s, SSL_R_RECORD_LENGTH_MISMATCH);
153	return -1;	153	return -1;
154	}	154	}
155		155
@@ -234,14 +234,14 @@ ssl_server_legacy_first_packet(SSL *s)
234	if (ssl_is_sslv2_client_hello(&header) == 1) {	234	if (ssl_is_sslv2_client_hello(&header) == 1) {
235	/* Only permit SSLv2 client hellos if TLSv1.0 is enabled. */	235	/* Only permit SSLv2 client hellos if TLSv1.0 is enabled. */
236	if (ssl_enabled_version_range(s, &min_version, NULL) != 1) {	236	if (ssl_enabled_version_range(s, &min_version, NULL) != 1) {
237	SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE);	237	SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
238	return -1;	238	return -1;
239	}	239	}
240	if (min_version > TLS1_VERSION)	240	if (min_version > TLS1_VERSION)
241	return 1;	241	return 1;
242		242
243	if (ssl_convert_sslv2_client_hello(s) != 1) {	243	if (ssl_convert_sslv2_client_hello(s) != 1) {
244	SSLerror(SSL_R_BAD_PACKET_LENGTH);	244	SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
245	return -1;	245	return -1;
246	}	246	}
247		247
@@ -250,7 +250,7 @@ ssl_server_legacy_first_packet(SSL *s)
250		250
251	/* Ensure that we have SSL3_RT_HEADER_LENGTH (5 bytes) of the packet. */	251	/* Ensure that we have SSL3_RT_HEADER_LENGTH (5 bytes) of the packet. */
252	if (CBS_len(&header) != SSL3_RT_HEADER_LENGTH) {	252	if (CBS_len(&header) != SSL3_RT_HEADER_LENGTH) {
253	SSLerror(ERR_R_INTERNAL_ERROR);	253	SSLerror(s, ERR_R_INTERNAL_ERROR);
254	return -1;	254	return -1;
255	}	255	}
256	data = (const char *)CBS_data(&header);	256	data = (const char *)CBS_data(&header);
@@ -260,15 +260,15 @@ ssl_server_legacy_first_packet(SSL *s)
260	strncmp("POST ", data, 5) == 0 \|\|	260	strncmp("POST ", data, 5) == 0 \|\|
261	strncmp("HEAD ", data, 5) == 0 \|\|	261	strncmp("HEAD ", data, 5) == 0 \|\|
262	strncmp("PUT ", data, 4) == 0) {	262	strncmp("PUT ", data, 4) == 0) {
263	SSLerror(SSL_R_HTTP_REQUEST);	263	SSLerror(s, SSL_R_HTTP_REQUEST);
264	return -1;	264	return -1;
265	}	265	}
266	if (strncmp("CONNE", data, 5) == 0) {	266	if (strncmp("CONNE", data, 5) == 0) {
267	SSLerror(SSL_R_HTTPS_PROXY_REQUEST);	267	SSLerror(s, SSL_R_HTTPS_PROXY_REQUEST);
268	return -1;	268	return -1;
269	}	269	}
270		270
271	SSLerror(SSL_R_UNKNOWN_PROTOCOL);	271	SSLerror(s, SSL_R_UNKNOWN_PROTOCOL);
272		272
273	return -1;	273	return -1;
274	}	274	}